2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
2.4 Configure TCP Wrappers - Allow localhost. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.4 Configure TCP Wrappers - Deny access to this server from all networks | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.4 Configure TCP Wrappers - enable tcp_wrappers for inetd | CIS Solaris 10 L1 v5.2 | Unix | |
2.4 Configure TCP Wrappers - enable tcp_wrappers for rpc/bind. Note: This check is recommended by CIS, but not required. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
4.3 Enable Debug Level Daemon Logging - Check if daemon.debug is set to /var/log/connlog | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
4.3 Enable Debug Level Daemon Logging/4.4 Capture syslog AUTH Messages - Check if svc:/system/system-log is online | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlog | CIS Solaris 10 L1 v5.2 | Unix | |
6.1.1 Configure SSH - Check if Host * is set in /etc/ssh/ssh_config. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
6.9 Harden host operating system | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
7.2 Set Password Expiration Parameters on Active Accounts - Check MAXWEEKS is set to 13 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.2 Set Password Expiration Parameters on Active Accounts - Check MINWEEKS is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.2 Set Password Expiration Parameters on Active Accounts - Check WARNWEEKS is set to 4 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check DICTIONDBDIR is set to /var/passwd | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/words | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check MINUPPER is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check PASSLENGTH is set to 8 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - MINALPHA is set to 2 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - MINNONALPHA is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - WHITESPACE is set to YES | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
7.6 Set Default umask for Users, Check if 'UMASK' is set to 077. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
7.9 Lock Inactive User Accounts - Check if definact is set to 35. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
8.2 Create Warning Banner for CDE Users - CDE package was not found | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is not set to default string. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
18.3.2 (L1) Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
18.3.2 Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
18.3.2 Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
18.3.4 Ensure 'Configure SMB v1 server' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
18.4.2 (L1) Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_NG_DC.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC | Windows | |
CIS_Microsoft_Intune_for_Windows_10_v3.0.1_L1.audit from CIS Microsoft Intune for Windows 10 Benchmark v3.0.1 | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | |
CIS_Microsoft_Intune_for_Windows_10_v3.0.1_L2.audit from CIS Microsoft Intune for Windows 10 Benchmark v3.0.1 | CIS Microsoft Intune for Windows 10 v3.0.1 L2 | Windows | |
CIS_Microsoft_Intune_for_Windows_11_v3.0.1_L1.audit from CIS Microsoft Intune for Windows 11 Benchmark v3.0.1 | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | |
CIS_Microsoft_Intune_for_Windows_11_v3.0.1_L2.audit from CIS Microsoft Intune for Windows 11 Benchmark v3.0.1 | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | |
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_BL.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 BL | Windows | |
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L1_BL_NG.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | |
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L1_BL.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | |
CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L2_BL.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL | Windows | |
CIS_Microsoft_Windows_11_Stand-alone_v3.0.0_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 11 Stand-alone v3.0.0 BL | Windows | |
CIS_Microsoft_Windows_11_Stand-alone_v3.0.0_L1_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | |
CIS_Microsoft_Windows_11_Stand-alone_v3.0.0_L2_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | |
CIS_Microsoft_Windows_Server_2019_Stand-alone_v2.0.0_L1_MS.audit from CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | |
CIS_Microsoft_Windows_Server_2019_Stand-alone_v2.0.0_L2_MS.audit from CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MS | Windows | |